Overview

overview

1

Static

static

1

31720777b4...53.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    215s
  • max time network
    204s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-09-2023 21:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    31720777b45a52e0bee92e64105fdfdf68abea53.exe

  • Size

    1.2MB

  • MD5

    58817ac22bc2f56e86d3c60253bdaed9

  • SHA1

    31720777b45a52e0bee92e64105fdfdf68abea53

  • SHA256

    24b31c4a0c540ade7879ee68cfb3e03cbf411fd0b70aff00b2bc743809019b32

  • SHA512

    5777def3617a7410224ffb4ad0740ac13202e196861310d6033995927a17e3487294998de7d16ed1364798dd37a80411b8d80160a6de33b2ad0bd77428e0c993

  • SSDEEP

    24576:SoyyzDBXE5OljBjauSRJZXCi2GpnXZK1PMUOcIa3oz4Yk45cIpBsP6:xyIdtvBGpn01ucVA4Y7BsS

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\31720777b45a52e0bee92e64105fdfdf68abea53.exe
    "C:\Users\Admin\AppData\Local\Temp\31720777b45a52e0bee92e64105fdfdf68abea53.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:5016
  • C:\Windows\SysWOW64\werfault.exe
    werfault.exe /h /shared Global\d0fd03ae90bf47d7b39343bcb8ae88d0 /t 1388 /p 5016
    1⤵
      PID:3864
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:3804

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads